sso-parent/sso-server/src/main/java/com/uas/sso/service/impl/UserServiceImpl.java

package com.uas.sso.service.impl;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.uas.sso.common.encrypt.MD5;
import com.uas.sso.common.util.HttpUtil;
import com.uas.sso.core.Const;
import com.uas.sso.core.ICallable;
import com.uas.sso.core.Status;
import com.uas.sso.core.Type;
import com.uas.sso.dao.UserDao;
import com.uas.sso.dao.UserRecordDao;
import com.uas.sso.entity.*;
import com.uas.sso.exception.VisibleError;
import com.uas.sso.logging.LoggerManager;
import com.uas.sso.logging.SyncBufferedLogger;
import com.uas.sso.logging.UserBufferedLogger;
import com.uas.sso.service.*;
import com.uas.sso.util.AccountTypeUtils;
import com.uas.sso.util.ExecuteUtils;
import com.uas.sso.util.PasswordLevelUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Pageable;
import org.springframework.data.jpa.domain.Specification;
import org.springframework.stereotype.Service;
import org.springframework.ui.ModelMap;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;

import javax.persistence.criteria.*;
import javax.validation.constraints.NotNull;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;


/**
 * 用户service实现类
 *
 * @author wangmh
 * @date 2018/1/2
 */
@Service
public class UserServiceImpl implements UserService {

    @Autowired
    private UserDao userDao;

    @Autowired
    private UserRecordDao userRecordDao;

    @Autowired
    private UserValidService userValidService;

    @Autowired
    private UserspaceService userspaceService;

    @Autowired
    private AppService appService;

    @Autowired
    private UserQuestionService userQuestionService;

    private UserBufferedLogger userLog = LoggerManager.getLogger(UserBufferedLogger.class);

    private SyncBufferedLogger syncLog = LoggerManager.getLogger(SyncBufferedLogger.class);

    @Override
    public User findByMobile(String mobile, String mobileArea) {
        return userDao.findByMobileAndMobileArea(mobile, mobileArea);
    }

    @Override
    public User findByMobile(String mobile) {
        return userDao.findByMobile(mobile);
    }

    @Override
    public boolean mobileHasRegistered(String mobile) {
        User user = userDao.findByMobile(mobile);
        if (user == null) {
            return false;
        }
        return true;
    }

    @Override
    public boolean emailHasRegistered(String email) {
        List<User> users = userDao.findByEmail(email);
        if (CollectionUtils.isEmpty(users)) {
            return false;
        }
        return true;
    }

    @Override
    public synchronized User register(User user) {
        String noEncryPwd = user.getPassword();
        // 校验手机号是否被注册
        if (mobileHasRegistered(user.getMobile())) {
            throw new VisibleError("该手机号已被注册");
        }

        // 由于现在不考虑手机号所属区域，默认为中国大陆
        if (StringUtils.isEmpty(user.getMobileArea())) {
            user.setMobileArea(Const.CONTINENT);
        }

        if (user.getMobile() == null || !user.getMobile().matches(Const.REGEXP_MOBILE_CONTINENT)) {
            throw new VisibleError("请填写正确的手机号");
        }

        // 设置基本属性，手机号默认已认证
        user.setRegisterDate(new Timestamp(System.currentTimeMillis()));
        Long uu = userDao.findMaxUU();
        user.setUserUU(uu == null ? 1000060000L : (uu + 1));
        user.setSalt(String.valueOf(user.getUserUU()));
        user.setMobileValidCode((short) Status.AUTHENTICATED.getCode());
        user.setEmailValidCode((short) Status.NOT_APPLYING.getCode());
        user.setIdentityValidCode((short) Status.NOT_APPLYING.getCode());
        user.setPassword(getEncryPassword(Const.ENCRY_FORMAT, user.getPassword(), user.getSalt()));
        user.setUserRecord(new UserRecord());
        user.getUserRecord().setUser(user);
        user.getUserRecord().setUserUU(user.getUserUU());

        userDao.save(user);
        userLog.info(user, Type.UPDATE_REGISTER.getValue());

        // 同步到各个应用
        return syncUserInfo(user.getUserUU(), noEncryPwd, "个人注册");
    }

    @Override
    public String getEncryPassword(String format, String noEncryPwd, String salt) {
        if (StringUtils.isEmpty(format)) {
            return noEncryPwd;
        }
        // 超过32认为是已加密过的密文
        if (noEncryPwd.length() >= 32) {
            /// 之后添加日志时恢复
            //logger.error("用户密码加密", String.format("传递过来的密码(%s)必须是未加密的明文", noEncryPwd));
            throw new VisibleError("密码过长，请重新输入");
        }
        // $password{$salt}
        String password = format.replace(Const.ENCRY_PARAM_PASSWORD, noEncryPwd);
        password = password.replace(Const.ENCRY_PARAM_SALT, salt == null ? "" : salt);
        return MD5.toMD5(password);
    }

    @Override
    public User save(User user) {
        user = userDao.save(user);
        return syncUserInfo(user, null, "修改用户信息");
    }

    @Override
    public void checkPassword(Long userUU, String password, boolean isEncry) {
        // 根据用户uu号找到旧数据
        User oldUser = userDao.findByUserUU(userUU);
        if (oldUser == null) {
            throw new VisibleError("用户名或密码错误");
        }

        // 校验密码
        checkPassword(oldUser, password, isEncry);

    }

    @Override
    public void checkPasswordByMobile(String mobile, String password, boolean isEncry) {
        // 找到用户
        User oldUser = userDao.findByMobile(mobile);
        if (oldUser == null) {
            throw new VisibleError("用户名或密码错误");
        }

        // 校验密码
        checkPassword(oldUser, password, isEncry);
    }

    @Override
    public void checkPasswordByEmail(String email, String password, boolean isEncry) {
        // 找到用户
        List<User> oldUsers = userDao.findByEmailAndEmailValidCode(email, (short) Status.AUTHENTICATED.getCode());
        if (CollectionUtils.isEmpty(oldUsers)) {
            throw new VisibleError("该邮箱未认证，请使用手机号登录");
        }

        // 校验密码
        for (User oldUser : oldUsers) {
            checkPassword(oldUser, password, isEncry);
        }
    }

    @Override
    public int getPwdErrorCount(String username) {
        User user = findByUsername(username);
        if (user == null) {
            throw new VisibleError("用户名不存在");
        }
        if (user.getUserRecord() == null) {
            return 0;
        }
        return user.getUserRecord().getPwdErrorCount();
    }

    @Override
    public User findByUsername(String username) {
        String type = AccountTypeUtils.getAccountType(username);
        User user = null;
        if (AccountTypeUtils.MOBILE.equals(type)) {
            // 手机号
            user = userDao.findByMobile(username);
        } else if (AccountTypeUtils.EMAIL.equals(type)) {
            // 邮箱
            List<User> users = userDao.findByEmailAndEmailValidCode(username, (short) Status.AUTHENTICATED.getCode());
            // 认证邮箱只有一条记录，直接选择第一个
            if (!CollectionUtils.isEmpty(users)) {
                user = users.get(0);
            }
        } else if (AccountTypeUtils.UU_NUMBER.equals(type)) {
            // uu号
            user = userDao.findByUserUU(Long.valueOf(username));
        }
        return user;
    }

    /**
     * 校验用户密码
     *
     * @param oldUser 用户信息
     * @param password 需要校验的密码
     * @param isEncry 需校验的密码是否被加密
     */
    private void checkPassword(User oldUser, String password, boolean isEncry) {
        // 密码未加密，转换成加密后的密码
        String encryPassword = password;
        if (!isEncry) {
            encryPassword = getEncryPassword(Const.ENCRY_FORMAT, password, oldUser.getSalt());
        }

        // 校验密码
        if (!encryPassword.equals(oldUser.getPassword())) {
            throw new VisibleError("您输入的密码与已有账号的登录密码不一致，请重新输入。");
        }
    }

    @Override
    public UserRecord save(UserRecord userRecord) {
        return userRecordDao.save(userRecord);
    }

    @Override
    public User findOne(Long userUU) {
        return userDao.findOne(userUU);
    }

    @Override
    public boolean realNameIsValid(String realName) {
        User user = userDao.findByRealName(realName);
        if (user != null && user.getIdentityValidCode() == Status.AUTHENTICATED.getCode()) {
            return true;
        }
        return false;
    }

    @Override
    public boolean idCardIsValid(String idCard) {
        User user = userDao.findByIdCard(idCard);
        if (user != null && user.getIdentityValidCode() == Status.AUTHENTICATED.getCode()) {
            return true;
        }
        return false;
    }

    @Override
    public void submitIdValidInfo(User user) {
        // 校验企业名和营业执照是否被认证
        boolean isValid = idCardIsValid(user.getIdCard());
        if (isValid) {
            throw new VisibleError("该身份证号已被认证，请确认");
        }

        User oldUser = userDao.findByUserUU(user.getUserUU());
        oldUser.setIdentityValidCode((short) Status.TO_BE_CERTIFIED.getCode());
        oldUser.setRealName(user.getRealName());
        oldUser.setIdCard(user.getIdCard());
        this.save(oldUser);
        // 保存日志
        userValidService.submitValid(user);
    }

    @Override
    public void updateMobile(Long userUU, String newMobile) {
        // 获取用户信息
        User user = userDao.findOne(userUU);
        if (user == null) {
            throw new VisibleError("用户不存在");
        }

        // 修改手机号
        User oldUser = userDao.findByMobile(newMobile);
        if (oldUser != null) {
            throw new VisibleError("该手机号已被注册");
        }
        user.setMobile(newMobile);
        user.setMobileValidCode((short) Status.AUTHENTICATED.getCode());

        // 保存用户信息
        userDao.save(user);

        // 保存日志
        userLog.info(user, Type.UPDATE_MOBILE.getValue());

        // 同步到各个应用
        syncUserInfo(user.getUserUU(), null, "修改手机号");
    }

    @Override
    public void updateEmail(Long userUU, String newEmail) {
        // 获取用户信息
        User user = userDao.findOne(userUU);
        if (user == null) {
            throw new VisibleError("用户不存在");
        }

        // 修改手机号
        user.setEmail(newEmail);
        user.setEmailValidCode((short) Status.AUTHENTICATED.getCode());

        // 保存用户信息
        userDao.save(user);

        // 保存日志
        userLog.info(user, Type.UPDATE_EMAIL.getValue());

        // 同步信息到各应用
        syncUserInfo(user.getUserUU(), null, "修改邮箱");
    }

    @Override
    public Page<User> findMemberBySpaceUU(int page, int size, final Long spaceUU) {
        Pageable pageable = PageInfo.pageRequest(new PageRequest(page, size));
        Page<User> pUsers = userDao.findAll(new Specification<User>() {
            @Override
            public Predicate toPredicate(Root<User> root, CriteriaQuery<?> query, CriteriaBuilder cb) {
                List<Predicate> list = new ArrayList<>();
                list.add(cb.equal(root.join("userSpaces", JoinType.INNER).get("spaceUU").as(Long.class), spaceUU));
                Predicate[] predicates = new Predicate[list.size()];
                predicates = list.toArray(predicates);
                return cb.and(predicates);
            }
        }, pageable);
        return new PageInfo<User>(pUsers.getContent(), pageable, pUsers.getTotalElements());
    }

    @Override
    public void bindUserspace(String appId, Long userUU, Long spaceUU) {
        if (StringUtils.isEmpty(userUU) || StringUtils.isEmpty(spaceUU)) {
            throw new VisibleError("参数错误");
        }

        // 找到用户和企业
        User user = findOne(userUU);
        Userspace userspace = userspaceService.findOne(spaceUU);

        // 将企业添加到用户列表上
        Set<Userspace> userspaces = user.getUserSpaces();
        userspaces.add(userspace);

        // 保存
        userDao.save(user);

        syncUserBindSpace(userUU, spaceUU);

        // 保存日志
        userLog.info(user, Type.BIND_USERSPACE.getValue()+spaceUU);
    }

    /**
     * 同步用户绑定企业关系
     * @param userUU 用户uu号
     * @param spaceUU 企业uu号
     */
    private void syncUserBindSpace(Long userUU, Long spaceUU) {
        syncRelation(userUU, spaceUU, "bind");
    }

    /**
     * 同步用户解除绑定企业关系
     * @param userUU 用户uu号
     * @param spaceUU 企业uu号
     */
    private void syncUserUnbindSpace(Long userUU, Long spaceUU) {
        syncRelation(userUU, spaceUU, "unbind");
    }

    /**
     * 同步用户与企业的关系
     * @param userUU 用户uu号
     * @param spaceUU 企业uu号
     * @param type 类型 (bind or unbind)
     */
    private void syncRelation(final Long userUU, final Long spaceUU, final String type) {
        List<String> apps = appService.findUid();

        ExecuteUtils.execute(new ICallable<Void, String>() {

            @Override
            public Void call(String appId) {
                App tempApp = appService.findOne(appId);
                if (tempApp != null && StringUtils.isEmpty(tempApp.getUserControl())
                        && !StringUtils.isEmpty(tempApp.getBackRelationUrl())) {
                    String url = tempApp.getBackRelationUrl();
                    ModelMap formData = new ModelMap();
                    formData.put("userUU", userUU);
                    formData.put("spaceUU", spaceUU);
                    formData.put("type", type);
                    HttpUtil.ResponseWrap res = null;
                    try {
                        res = HttpUtil.doPost(url, formData, 10000);
                        if (!res.isSuccess()) {
                            syncLog.error(appId, "同步绑定信息失败", JSON.toJSONString(formData), res.getContent());
                        } else {
                            syncLog.info(appId, "同步绑定信息成功", JSON.toJSONString(formData));
                        }
                    } catch (Exception e) {
                        syncLog.error(appId, "同步绑定信息失败", JSON.toJSONString(formData), e.getMessage());
                    }
                }
                return null;
            }
        }, apps);
    }

    @Override
    public void unbindUserspace(Long userUU, Long spaceUU) {
        if (StringUtils.isEmpty(userUU) || StringUtils.isEmpty(spaceUU)) {
            throw new VisibleError("参数错误");
        }

        // 找到用户和企业
        User user = findOne(userUU);
        if (user == null) {
            throw new VisibleError("未找到用户信息");
        }
        Userspace userspace = userspaceService.findOne(spaceUU);
        if (userspace == null) {
            throw new VisibleError("未找到企业信息");
        }

        // 将企业添加到用户列表上
        Set<Userspace> userspaces = user.getUserSpaces();
        userspaces.remove(userspace);

        // 保存
        userDao.save(user);

        syncUserUnbindSpace(userUU, spaceUU);

        // 保存日志
        userLog.info(user, Type.UNBIND_USERSPACE.getValue()+spaceUU);
    }

    @Override
    public void setQuestion(Long userUU, List<UserQuestion> questions) {
        // 找到用户密保
        User user = userDao.findOne(userUU);
        List<UserQuestion> userQuestions = user.getQuestions();

        // 清空旧的并添加新的
        if (CollectionUtils.isEmpty(userQuestions)) {
            user.setQuestions(questions);
        } else {
            for (int i=0; i<questions.size(); i++) {
                if (userQuestions.get(i) == null) {
                    user.getQuestions().add(questions.get(i));
                } else {
                    userQuestions.get(i).setQuestion(questions.get(i).getQuestion());
                    userQuestions.get(i).setAnswer(questions.get(i).getAnswer());
                    userQuestions.get(i).setSort(questions.get(i).getSort());
                }
            }
        }

        // 保存并添加日志
        user = userDao.save(user);
        syncUserInfo(user, null, "修改密保");
        userLog.info(user, Type.UPDATE_QUESTION.getValue(), JSON.toJSONString(user.getQuestions()));
    }

    @Override
    public List<String> findRepeatEmail() {
        return userDao.findRepeatEmail();
    }

    @Override
    public List<User> findByEmail(String email) {
        return userDao.findByEmail(email);
    }

    @Override
    public User updatePassword(Long userUU, String noEncryPwd) {
        User user = userDao.findOne(userUU);
        if (user == null) {
            throw new VisibleError("该用户不存在");
        }
        user.setPassword(getEncryPassword(Const.ENCRY_FORMAT, noEncryPwd, user.getSalt()));
        user.setPasswordLevel(PasswordLevelUtils.checkPasswordLevel(noEncryPwd).getValue());

        user = syncUserInfo(user , noEncryPwd, "用户修改密码");

        return userDao.save(user);
    }

    @Override
    public List<UserSpaceDetailInfo> findUserByTels(List<String> tels) {
        // 获取用户列表
        List<User> users = userDao.findUsersByTels(tels);
        if (CollectionUtils.isEmpty(users)) {
            return null;
        }

        List<UserSpaceDetailInfo> data = new ArrayList<>(users.size());
        UserSpaceDetailInfo info;
        // 遍历用户列表取数据
        for (User user : users) {
            info = new UserSpaceDetailInfo();
            Set<Userspace> spaces = user.getUserSpaces();
            if (!CollectionUtils.isEmpty(spaces)) {
                // 有企业的话随便取一个，uu互联需求
                Iterator<Userspace> iterator = spaces.iterator();
                Userspace userspace = iterator.next();
                info.setAddress(userspace.getRegAddress());
                info.setCompany(userspace.getSpaceName());
            }
            info.setEmail(user.getEmail());
            info.setImid(user.getImId());
            info.setUsertel(user.getMobile());
            info.setUsername(user.getVipName());
            data.add(info);
        }
        return data;
    }

    @Override
    public void resetErrorCount(Long userUU) {
        UserRecord userRecord = userRecordDao.findOne(userUU);
        if (userRecord == null) {
            userRecord = new UserRecord(userUU);
        }
        userRecord.setPwdErrorCount(0);
        userRecordDao.save(userRecord);
    }

    @Override
    public User updateUser(@NotNull Long userUU, User newUser) {
        User oldUser = userDao.findOne(userUU);
        if (oldUser == null) {
            throw new VisibleError("未找到用户信息");
        }

        // 修改手机号
        if (!StringUtils.isEmpty(newUser.getMobile()) && !newUser.getMobile().equals(oldUser.getMobile())) {
            if (mobileHasRegistered(newUser.getMobile())) {
                throw new VisibleError("手机号已被注册");
            }
            if (!newUser.getMobile().matches(Const.REGEXP_MOBILE_CONTINENT)) {
                throw new VisibleError("请输入正确的手机号");
            }
            oldUser.setMobile(newUser.getMobile());
            oldUser.setMobileValidCode((short) Status.NOT_APPLYING.getCode());
        }

        // 修改邮箱
        if (!StringUtils.isEmpty(newUser.getEmail()) && !newUser.getEmail().equals(oldUser.getEmail())) {
            if (emailHasRegistered(newUser.getEmail())) {
                throw new VisibleError("邮箱已被注册");
            }
            if (!newUser.getEmail().matches(Const.REGEXP_EMAIL)) {
                throw new VisibleError("请输入正确的邮箱");
            }
            oldUser.setEmail(newUser.getEmail());
            oldUser.setEmailValidCode((short) Status.NOT_APPLYING.getCode());
        }

        // 修改用户名
        if (!StringUtils.isEmpty(newUser.getVipName())) {
            oldUser.setVipName(newUser.getVipName());
        }

        // 保存用户信息
        oldUser = userDao.save(oldUser);

        oldUser = syncUserInfo(oldUser, null, "(接口调用)修改用户信息");
        return oldUser;
    }

    /**
     * 同步用户信息到各个应用
     * @param userUU 用户uu号
     * @param noEncryPwd 未加密密码，用于同步im
     * @param msg 同步信息描述，用户区分同步类型
     */
    private User syncUserInfo(Long userUU, String noEncryPwd, String msg) {
        return syncUserInfo(findOne(userUU), noEncryPwd, msg);
    }

    /**
     * 同步用户信息到各个应用
     * @param user 用户信息
     * @param noEncryPwd 未加密密码，用于同步im
     * @param msg 同步信息描述，用户区分同步类型
     */
    private User syncUserInfo(User user, String noEncryPwd, final String msg) {
        List<String> apps = appService.findUid();
        final boolean hasQuestion = !CollectionUtils.isEmpty(user.getQuestions());
        try {
            // 同步信息到im
            String imId = syncUserToIm(user, noEncryPwd, msg);
            user.setImId(imId);
            user = userDao.save(user);
        } catch (Exception e) {
            e.printStackTrace();
        }
        final User finalUser = user;
        ExecuteUtils.execute(new ICallable<Void, String>() {

            @Override
            public Void call(String appId) {
                App tempApp = appService.findOne(appId);
                if (tempApp != null && StringUtils.isEmpty(tempApp.getUserControl())
                        && !StringUtils.isEmpty(tempApp.getBackUserUrl()) && !"im".equals(appId)) {
                    String url = tempApp.getBackUserUrl();
                    JSONObject formData = JSON.parseObject(JSON.toJSONString(finalUser));
                    formData.put("password", finalUser.getPassword());
                    formData.put("hasQuestion", hasQuestion);
                    HttpUtil.ResponseWrap res = null;
                    try {
                        res = HttpUtil.doPost(url, formData, 10000);
                        if (!res.isSuccess()) {
                            syncLog.error(appId, msg + ",同步用户信息失败", JSON.toJSONString(formData), res.getContent());
                        } else {
                            syncLog.info(appId, msg + ",同步用户信息成功", JSON.toJSONString(formData));
                        }
                    } catch (Exception e) {
                        syncLog.error(appId, msg + ",同步用户信息失败", JSON.toJSONString(formData), e.getMessage());
                    }
                }
                return null;
            }
        }, apps);
        return user;
    }

    private String syncUserToIm(User user, String noEncryPwd, String msg) throws Exception {
        String appId = "im";
        App app = appService.findOne(appId);
        if (!StringUtils.isEmpty(app.getBackUserUrl())) {
            String url = app.getBackUserUrl();
            HttpUtil.ResponseWrap res = null;
            ModelMap formData = new ModelMap();
            formData.put("dialectUID", user.getImId());
            formData.put("realName", StringUtils.isEmpty(user.getRealName()) ? user.getVipName() : user.getRealName());
            formData.put("password", noEncryPwd);
            formData.put("email", StringUtils.isEmpty(user.getEmail()) ? "0" : user.getEmail());
            formData.put("mobile", user.getMobile());
            res = HttpUtil.doPost(url, formData, 10000);
            if (!res.isSuccess()) {
                syncLog.error(appId, msg + ",同步用户信息失败", formData.toString(), res.getContent());
                throw new Exception(res.getContent());
            } else {
                JSONObject obj = JSON.parseObject(res.getContent());
                if (obj.getString("resultMsg") != null) {
                    syncLog.error(appId, msg + ",同步用户信息失败", formData.toString(), res.getContent());
                }
                syncLog.info(appId, msg + ",同步用户信息成功", formData.toString(), res.getContent());
                return obj.getString("dialectUID");
            }
        }
        return null;
    }
}